var express = require('express');
var jwt = require('jsonwebtoken');
var router = express.Router();

// route to authenticate a user (POST http://localhost:8080/api/authenticate)
router.post('/', function(req, res) {
    var username = req.body.username;
    var password = req.body.password;
    //TODO 验证username和password的合法性

    //生成Token
    var token = jwt.sign({
        username:username,
        password:password
    },req.app.get("superSecret"),{
        expiresIn : 60
    });

   var result = jwt.verify(token,req.app.get("superSecret"),function(err,decoded){
        console.log(decoded)
   })
   
    res.json({
        success:true,
        message:"Enjoy your token",
        token:token
    });
});


module.exports = router;